Lucene search
K
EasyvirtCo2scope

6 matches found

CVE
CVE
added 2025/01/31 12:0 a.m.101 views

CVE-2024-53355

CVE-2024-53355 affects EasyVirt DCScope (versions 8.6.0 and earlier) and EasyVirt CO2Scope (versions 1.3.0 and earlier). The issue is improper access control in the user API surface, enabling remote authenticated attackers with low privileges to perform admin-like actions via multiple endpoints: ...

8.8CVSS8.4AI score0.0053EPSS
CVE
CVE
added 2025/01/31 12:0 a.m.89 views

CVE-2024-53354

Multiple SQL injection vulnerabilities affect EasyVirt DCScope <= 8.6.0 and EasyVirt CO2Scope <= 1.3.0. An authenticated remote attacker can alter SQL via numerous parameters across API endpoints, including user/filters in endpoints such as /api/management/findfilterlist, /api/audit/findmet...

6.5CVSS7.2AI score0.00482EPSS
Web
CVE
CVE
added 2025/01/31 12:0 a.m.86 views

CVE-2024-53356

CVE-2024-53356 affects EasyVirt DCScope <= 8.6.0 and CO2Scope

9.8CVSS9.3AI score0.00639EPSS
CVE
CVE
added 2025/01/31 12:0 a.m.85 views

CVE-2024-57587

The CVE-2024-57587 issue affects EasyVirt DCScope (<= 8.6.0) and EasyVirt CO2Scope (

9.1CVSS8.5AI score0.00561EPSS
Web
CVE
CVE
added 2025/01/31 12:0 a.m.79 views

CVE-2024-53357

Summary of CVE-2024-53357 : The affected products are EasyVirt DCScope (<= 8.6.0) and EasyVirt CO2Scope (

7.5CVSS7.8AI score0.00493EPSS
CVE
CVE
added 2025/01/31 12:0 a.m.58 views

CVE-2024-55062

CVE-2024-55062 affects EasyVirt DCScope and EasyVirt CO2Scope. The vulnerability is a code injection flaw in the vulnerable API endpoint /api/license/sendlicense/, allowing remote unauthenticated attackers to execute arbitrary code. Reported versions: DCScope ≤ 8.6.0 and CO2Scope ≤ 1.3.0. The ava...

9.8CVSS9.9AI score0.0109EPSS